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DETAILED ACTION 
Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1 . 1 1 4, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.114, and the fee set 
forth in 37 CFR 1.17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 07 
August 2006 has been entered. 

2. By the above submission, Claims 1, 8, 9, and 12 have been amended. Claims 
15-17 have been canceled. New Claims 18-20 have been added. Claims 1-14 and 18- 
20 are currently pending in the present application. 

Response to Arguments 

3. Applicant's arguments filed 07 August 2006 have been fully considered but they 
are not persuasive. 

Regarding the rejection of Claims 9-14 under 35 U.S.C. 101 as directed to non- 
statutory subject matter, Applicant argues that the amendments to the claim "clarify that 
Applicant's intent is not to claim a program written on paper" and that the claim is, in 
fact, directed to statutory subject matter. However, the Examiner respectfully disagrees. 
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Even though the claim now recites instructions "which when processed by a machine 
direct the machine to perform a method", the fact is that the claim is still, at base, 
directed to a "machine-accessible medium". The term "machine-accessible medium" is 
itself an extremely broad term, and because it is not defined anywhere in the 
application, the individual words are given their ordinary meaning. Both the words 
"machine" and "accessible" are broad terms; for example, a "machine" such as an 
optical scanner could "access" the "medium" of paper having computer code written 
thereon, as previously noted, and as another example, a "machine" such as a radio 
receiver could "access" or receive the "medium" of an electromagnetic wave having 
similar code encoded therein. Neither code on a paper nor a signal medium such as a 
wave is considered to provide a tangible medium to constitute a machine or 
manufacture within the meaning of 35 U.S.C. 101, and they are also not a series of 
steps to be a process nor are they a composition of matter; as such, they fail to fall 
within a statutory category of invention. Code on paper or a signal medium constitute, 
at best, functional descriptive material perse, which is not considered to be statutory 
subject matter. When a claim can include non-statutory embodiments, the claim as a 
whole is considered to be directed to non-statutory subject matter. The Examiner notes 
the use in MPEP § 2106 of the term "computer-readable medium". 

Regarding the rejection of Claim 8 under 35 U.S.C. 112, second paragraph. 
Applicant argues that the amendment to the claim clarifies that the third party's ability to 
use the first certificate is revoked and that this is supported by the statement in 
paragraph 0026 of the present specification that "the client does not provide the 
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certificate when it is requested, effectively revoking the privilege." However, the 
Examiner notes that although the specification provides support for the client not 
providing the certificate, it does not clearly provide support for or describe all possible 
ways of revoking the third party's ability to use the first certificate. Further, although the 
specification says that not providing the certificate "effectively revokes" the privilege, this 
still seems to contradict the more common definition of revoking a certificate, where only 
the issuer can actually revoke a certificate. The Examiner again notes that as claimed, 
the client revokes the use of a certificate, but the client is not the issuer of the certificate; 
rather, it is the authorizer that is the issuer. 

Also regarding the rejection of Claim 8 under 35 U.S.C. 112, second paragraph, 
Applicant requests clarification for what antecedent basis is believed to be missing for 
the limitation "the client not providing the at least one first certificate". The Examiner 
notes that there is no antecedent basis for this limitation because, although there is a 
client recited, there is no recitation anywhere previously of "a client not providing (the) at 
least one first certificate". 

Regarding the rejection of Claims 1-9 and 12-14 under 35 U.S.C. 102(e) as 
anticipated by McGarvey, US Patent 6643774, the rejection of Claim 10 under 35 
U.S.C. 103(a) as unpatentable over McGarvey in view of Eastlake et al, "XML-Signature 
Syntax and Processing", and the rejection of Claim 1 1 under 35 U.S.C. 103(a) as 
unpatentable over McGarvey in view of Ellison et al, "SPKI Certificate Theory", 
Applicant argues that McGarvey fails to teach or suggest a client providing a certificate 
to an authorizer. However, the Examiner respectfully disagrees, noting that although, 
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as Applicant notes at page 9 of the present response, at step 805, for example, the 
client provides a certificate to the third party, the third party then forwards that certificate 
on to the authorizer (see McGarvey, column 11, lines 61-66; see also Figure 8, step 
806). Therefore, the Examiner believes that the client does, in fact, provide a certificate 
to an authorizer 

Also regarding the rejections under 35 U,S,C, 102(e) and 103(a), Applicant 
further argues that the correlation between client 300, server 310, and private key 
system 330 in McGarvey and the client, third party, and authorizer (respectively) of the 
claims, does not make sense because McGarvey fails to describe any interaction 
between the client (corresponding to the claimed client) and the private key system 
(corresponding to the claimed authorizer). However, the Examiner respectfully 
disagrees, noting that McGarvey clearly states that an exchange of certificates and 
credentials is between the client and the private key system (column 1 1 , lines 44-46); 
this is clearly an interaction therebetween. 

Therefore, for the reasons detailed above, the Examiner maintains the rejections 
as set forth below. 
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Election/Restrictions 



4. In the explanation below, reference is made to the following inventions: 

I. Claims 1-14, directed to methods and software for using certificates, 
classified in class 713, subclass 156. 

II. Claims 1 8-20, directed to methods for determining whether a resource 
request from a third party is to be granted, classified in class 726, subclass 4. 

5. Newly submitted claims 1 8-20 are directed to an invention that is independent or 
distinct from the invention originally claimed for the following reasons: 

Inventions I and II are related as subcombinations disclosed as usable together 
in a single combination. The subcombinations are distinct if they do not overlap in 
scope and are not obvious variants, and if it is shown that at least one subcombination 
is separately usable. In the instant case, subcombination I has separate utility such as 
allowing a client to control a third part/s use of a certificate. See MPEP § 806.05(d). 

Because these inventions are independent or distinct for the reasons given 
above and there would be a serious burden on the examiner if restriction is not required 
because the inventions have acquired a separate status in the art in view of their 
different classification, restriction for examination purposes as indicated is proper. 

Since applicant has received an action on the merits for the originally presented 
invention, this invention has been constructively elected by original presentation for 
prosecution on the merits. Accordingly, claims 1 8-20 are withdrawn from consideration 



Application/Control Number: 10/022,592 
Art Unit: 2137 



Page 7 



as being directed to a non-elected invention. See 37 CFR 1.142(b) and MPEP § 
821.03. 

Specification 

6. The objection to the disclosure for informalities is withdrawn in light of the 
amendments to the specification. Applicant's cooperation is again respectfully 
requested in correcting any other errors of which applicant may become aware in the 
specification. 

7. The objection to the specification for failing to provide proper antecedent basis 
for the claimed subject matter is withdrawn in light of the amendments to the claims. 
The Examiner notes that Applicant asserts that "nowhere in the specification is it stated 
that a second certificate cannot identify the third party" (page 7 of the present 
response); however, the Examiner notes that not stating that a second certificate cannot 
identify a third party is NOT equivalent to affirmatively stating in an enabling manner 
that a second certificate can, in fact, identify a third party. 

Claim Rejections - 35 USC § 101 

8. 35 U.S.C. 101 reads as follows: 

Whoever invents or discovers any new and useful process, machine, manufacture, or composition of 
matter, or any new and useful improvement thereof, may obtain a patent therefor, subject to the 
conditions and requirements of this title. 
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9. Claims 9-14 are rejected under 35 U.S.C. 101 because the claimed invention is 
directed to non-statutory subject matter. 

Claims 9-14 are directed to a "machine-accessible medium" including a computer 
program ("instructions") for performing method steps. The term "machine-accessible 
medium" is broad enough to encompass, for example, a computer program written on 
paper. This is a computer program or data structure per se. Functional descriptive 
material such as a computer program per se that is not embodied in a computer 
readable medium is not statutory subject matter. See MPEP § 2106 IV. B.I (a). 

Claim Rejections - 35 USC § 112 

10. The rejection of Claims 1-8 under 35 U.S.C. 112, first paragraph, as failing to 
comply with the written description requirement is withdrawn in light of the amendments 
to the claims. 

1 1 . The rejection of Claim 12 under 35 U.S.C. 112, second paragraph, as indefinite 
is withdrawn in light of the amendments to the claim. As noted above, the rejection of 
Claim 8 is maintained for the reasons detailed below. 

12. The following is a quotation of the second paragraph of 35 U.S.C. 112: 

The specification shall conclude with one or more claims particularly pointing out and distinctly 
claiming the subject matter which the applicant regards as his invention. 
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13. Claim 8 is rejected under 35 U.S.C. 112, second paragraph, as being indefinite 
for failing to particularly point out and distinctly claim the subject matter which applicant 
regards as the invention. 

Claim 8 recites the limitation "the client not providing the at least one first 
certificate". There is insufficient antecedent basis for this limitation in the claims; 
although there is a client, there is no mention of a client not providing the at least one 
first certificate. Further, the limitation is generally vague. Additionally, the claim recites 
"revoking, by the client, the third party's ability to use the at least one first certificate"; 
however, by the art-accepted definition of the term, a certificate, or the use thereof, can 
only be revoked by the issuer, and the client is not the issuer of the first certificate{s). 
Rather, the authorizer is the issuer, and therefore, the client would not be able to revoke 
the first certificate(s). This contradiction further renders the claim indefinite. 



Claim Rejections - 35 USC § 102 



14. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 102 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, published under section 122(b), by 
another filed in the United States before the invention by the applicant for patent or (2) a patent 
granted on an application for patent by another filed in the United States before the invention by the 
applicant for patent, except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application filed in the United States 
only if the international application designated the United States and was published under Article 21(2) 
of such treaty in the English language. 
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15. Claims 1-9 and 12-14 are rejected under 35 U.S.C. 102(e) as being anticipated 
by McGarvey, US Patent 6643774. 

In reference to Claim 1 , McGarvey discloses a method including a client storing a 
first certificate from an authorizer, the client storing a URI associated with the first 
certificate and a third party, the client providing a certificate and the URI to the third 
party (see column 12, lines 22-26), and the client providing the first certificate to the 
authorizer upon the authorizer accessing the URI, in which the client retains control over 
the third party's use of the first certificate (see Figures 3 and 8, where the client 300 
corresponds to the client of the present claim, the server 31 0 corresponds to the third 
party of the present claim, and private key system 330 corresponds to the authorizer of 
the present claim; see also column 11, line 37-column 12, line 11). 

In reference to Claims 2 and 3, McGarvey further discloses providing a short- 
term use certificate to the third party (column 12, lines 30-35; column 8, lines 8-13). 

In reference to Claim 4, McGarvey further discloses authenticating the authorizer 
upon accessing the URI (column 11, lines 60-81). 

In reference to Claims 5 and 6, McGarvey further discloses limiting and tracking 
the third party's use of the first certificate (column 8, lines 8-13). 

In reference to Claim 7, McGarvey further discloses that the contents of the first 
certificate are not revealed to the third party (see column 1 1 , lines 42-46). 

In reference to Claim 8, McGarvey further discloses that the first certificate can 
be revoked (see column 12, lines 30-36). 
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In reference to Claim 9, McGarvey discloses a computer-implemented method 
including a client receiving a first certificate from an authorize, the client generating a 
URI associated with the first certificate and a third party, the client providing a second 
certificate and the URI to the third party (see column 12, lines 22-26), and the client 
providing the first certificate to the authorizer upon the authorizer accessing the URI 
after the third party has provided the second certificate and URI to the authorizer (see 
Figures 3 and 8, where the client 300 corresponds to the client of the present claim, the 
server 310 corresponds to the third party of the present claim, and private key system 
330 corresponds to the authorizer of the present claim; see also column 1 1 , line 37- 
column 12, line 11). 

In reference to Claim 12, McGarvey further discloses that the third party is 
granted access to a resource of the authorizer (column 8, lines 4-19). 

In reference to Claim 13, McGarvey further discloses tracking a use of the 
second certificate (column 8, lines 8-13). 

In reference to Claim 14, McGarvey further discloses that the second certificate 
can be revoked (column 8, lines 10-13; column 12, lines 30-36). 

Claim Rejections - 35 USC § 103 

16. The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the prior art are such that the subject matter as a whole would have been obvious at the time the 
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invention was made to a person liaving ordinary sl(ill in the art to wliich said subject matter pertains. 
Patentability shall not be negatived by the manner in vi/hich the invention was made. 

17. Claim 10 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
McGarvey in y\ew of Eastlake at al, "XML-Signature Syntax and Processing". 

McGarvey discloses everything as applied above to Claim 9. However, 
McGarvey does not explicitly disclose the use of XML signatures. Eastlake discloses 
that XML signatures can be used to apply digital signatures to the content of resources 
that may be external to the signature itself (page 4, section 1.0, "Introduction"). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to modify the system of McGarvey to include the use of XML 
signatures, in order to provide integrity and message or signer authentication (see 
Eastlake, page 1 , Abstract). 

1 8. Claim 1 1 is rejected under 35 U.S.C. 103(a) as being unpatentable over 
McGarvey in view of Ellison et al, "SPKI Certificate Theory". 

McGarvey discloses everything as applied above to Claim 9. However, 
McGarvey does not explicitly disclose the use of SPKI certificates. Ellison et al disclose 
that authorization certificates can be used to delegate authorizations (page 14, section 
4, "Delegation") and that SPKI certificates can be used to define an authorization 
certificate (page 13, section 3.3, "SPKI Certificates"). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to modify 
the systems and methods of McGarvey to include the use of SPKI certificates, in order 
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to allow for authorizations to be delegated without needing to involve the owner of the 
resource concerned (see Ellison, page 14, section 4). 

Conclusion 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Zachary A. Davis whose telephone number is (571) 272- 
3870. The examiner can normally be reached on weekdays 8:30-6:00, alternate 
Fridays off. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Emmanuel Moise can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is 571- 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 
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